DNS
DNS¶
Overview¶
This document covers the structure and operating principles of DNS (Domain Name System). You will learn about the hierarchical structure of DNS, which translates human-readable domain names into IP addresses, as well as query methods and record types.
Difficulty: ββ Estimated Learning Time: 2 hours Prerequisites: 11_UDP_and_Ports.md
Table of Contents¶
- What is DNS?
- Domain Name Structure
- How DNS Works
- DNS Record Types
- DNS Caching
- DNS Tools
- Practice Problems
- Next Steps
- References
1. What is DNS?¶
1.1 DNS Definition¶
DNS (Domain Name System) is a distributed database system that translates domain names into IP addresses.
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β Role of DNS β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β β
β Human: I want to access www.google.com! β
β β
β www.google.com β
β β β
β βΌ β
β βββββββββββ β
β β DNS β "www.google.com = 142.250.196.68" β
β β Server β β
β βββββββββββ β
β β β
β βΌ β
β 142.250.196.68 β
β β β
β βΌ β
β βββββββββββ β
β β Google β β
β β Server β β
β βββββββββββ β
β β
β Analogy: The Internet's Phone Book β
β Name β Phone Number (Domain β IP Address) β
β β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
1.2 Why DNS is Needed¶
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β Can We Live Without DNS? β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β β
β What if we use IP addresses directly? β
β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β β’ http://142.250.196.68 β Google β β
β β β’ http://31.13.82.36 β Facebook β β
β β β’ http://52.94.236.248 β Amazon β β
β β β β
β β Problems: β β
β β 1. Hard to memorize β β
β β 2. User confusion when IP addresses change β β
β β 3. Difficult to host multiple services on one IP β β
β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β
β Advantages of DNS: β
β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β β’ Easy-to-remember names β β
β β β’ Server IP changes are transparent β β
β β β’ Load balancing possible (multiple IP mappings) β β
β β β’ Regional optimal server connections β β
β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
1.3 DNS Characteristics¶
| Characteristic | Description |
|---|---|
| Distributed System | Servers distributed worldwide cooperate |
| Hierarchical Structure | Root β TLD β Authoritative server hierarchy |
| Caching | Uses cache for performance improvement |
| Redundancy | Multiple servers ensure availability |
| Protocol | Primarily UDP 53 (TCP 53 for large volumes) |
2. Domain Name Structure¶
2.1 Domain Hierarchy¶
Domain Name Hierarchy
. (Root)
β
βββββββββββββββββΌββββββββββββββββ
β β β
com org kr
(TLD) (TLD) (ccTLD)
β β β
ββββββ΄βββββ ... βββββ΄ββββ
β β β β
google amazon co go
(SLD) (SLD) (2LD) (2LD)
β β β β
www aws naver korea
(sub) (sub) (3LD) (3LD)
β
www
(sub)
FQDN (Fully Qualified Domain Name):
www.google.com. β The trailing dot (.) represents root
2.2 Domain Components¶
www.example.co.kr
β β β β
ββββββββββββββββββ β β ββββ TLD (Top-Level Domain)
β βββββββββββββββ β Top-level domain (kr)
β β ββββββββ
β β β
Subdomain SLD Second-level
(3rd level) (2nd level) (under TLD)
Analysis:
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β www.example.co.kr β
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β kr : TLD (Country Code Top-Level Domain - ccTLD) β
β co : Second-level domain (for companies in Korea) β
β example : Registered domain name β
β www : Subdomain (hostname) β
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
2.3 TLD Types¶
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β TLD Categories β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β β
β gTLD (Generic TLD) - Generic Top-Level Domains β
β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β .com - Commercial β β
β β .org - Non-profit organizations β β
β β .net - Network-related β β
β β .edu - Educational institutions (US) β β
β β .gov - US Government β β
β β .mil - US Military β β
β β .info - Information β β
β β .biz - Business β β
β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β
β ccTLD (Country Code TLD) - Country Code Top-Level Domains β
β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β .kr - Korea β β
β β .jp - Japan β β
β β .uk - United Kingdom β β
β β .de - Germany β β
β β .cn - China β β
β β .us - United States β β
β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β
β New gTLD - New Generic Top-Level Domains (since 2012) β
β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β .app, .dev, .blog, .shop, .xyz, .io, .ai, etc. β β
β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
2.4 Korean Domain Structure¶
.kr Domain System
kr (ccTLD)
β
βββ co.kr : Commercial companies
βββ or.kr : Non-profit organizations
βββ go.kr : Government agencies
βββ ac.kr : Educational institutions (universities)
βββ re.kr : Research institutions
βββ ne.kr : Network services
βββ pe.kr : Personal
βββ region.kr: seoul.kr, busan.kr, etc.
Examples:
www.naver.com - Uses gTLD
www.samsung.co.kr - Korean company
www.korea.go.kr - Korean government
www.snu.ac.kr - Seoul National University
3. How DNS Works¶
3.1 DNS Server Types¶
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β DNS Server Types β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β β
β 1. Recursive Resolver β
β ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β β’ Receives client requests and queries other servers β β
β β β’ ISP or public DNS (8.8.8.8, 1.1.1.1) β β
β β β’ Caches results for reuse β β
β ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β
β 2. Root Name Server β
β ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β β’ Top of DNS hierarchy β β
β β β’ 13 root servers worldwide (A-M) β β
β β β’ Provides TLD server locations β β
β ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β
β 3. TLD Name Server β
β ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β β’ Responsible for .com, .org, .kr, etc. β β
β β β’ Provides authoritative server locations β β
β ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β
β 4. Authoritative Name Server β
β ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β β’ Holds actual DNS records for specific domains β β
β β β’ Provides final IP address responses β β
β β β’ Managed by domain owner β β
β ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
3.2 Recursive Query¶
When a client queries a Recursive Resolver, the resolver handles the entire process.
Recursive Query Process (looking up www.example.com)
ββββββββββββ ββββββββββββββββββββ
β Client ββββ(1) www.example.com?βββΊβ Recursive β
β β β Resolver β
β ββββ(10) 93.184.216.34 βββββ (e.g., 8.8.8.8) β
ββββββββββββ ββββββββββ¬ββββββββββ
β
ββββββββββββββββββββββββββββββββββββββββΌβββββββββββββββ
β β β
β ββββ(2) Where is .com server?βββββββΊβ β
β β βΌ β
β β ββββββββββββββββ β
β β β Root Server β β
β ββββ(3) TLD server address β (13 total) β β
β β ββββββββββββββββ β
β β β
β β ββββ(4) Where is example.com server?βββΊ β
β β β βΌ β
β β β ββββββββββββββββ β
β β β β .com TLD β β
β β ββββ(5) Auth server addrβ Server β β
β β β ββββββββββββββββ β
β β β β
β β β βββ(6) www.example.com IP?βββββΊ β
β β β β βΌ β
β β β β ββββββββββββββββββ β
β β β β β Authoritative β β
β β β βββ(7) 93.184.216.34 β Server β β
β β β β β(example.com) β β
β β β β ββββββββββββββββββ β
β β β β β
ββββ΄βββ΄βββ΄βββββββββββββββββββββββββββββββββββββββββββββ
3.3 Iterative Query¶
The Recursive Resolver queries each DNS server in sequence and directly queries the next server with the information received.
Iterative Query Process
Recursive Resolver
β
β
βββββββββββββββββββββββΌββββββββββββββββββββββ
β β β
β (2) "Where is com?" β β
β ββββββββββββββββββΊ β β
β βΌ β
β ββββββββββββββ β
β β Root β β
β ββββββββββββ β Server β β
β (3) "a.gtld-servers.net" β
β ββββββββββββββ β
β β
β (4) "Where is example.com?" β
β ββββββββββββββββββββββββββββββΊ β
β βΌ β
β ββββββββββββββ β
β β .com TLD β β
β ββββββββββββββββββββ β Server β β
β (5) "ns1.example.com" β
β ββββββββββββββ β
β β
β (6) "What's www.example.com's IP?" β
β ββββββββββββββββββββββββββββββββββββββΊ β
β βΌ β
β ββββββββββββββ
β βAuthoritativeβ
β ββββββββββββββββββββββββββββ β Server β
β (7) "93.184.216.34" ββββββββββββββ
β β
βββββββββββββββββββββββββββββββββββββββββββββ
3.4 DNS Query/Response Messages¶
DNS Message Structure
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β Header β
β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β ID (16 bits) - Query/response matching β β
β β Flags: QR, Opcode, AA, TC, RD, RA, Z, RCODE β β
β β QDCOUNT, ANCOUNT, NSCOUNT, ARCOUNT β β
β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β Question β
β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β QNAME: www.example.com (query domain) β β
β β QTYPE: A (query type) β β
β β QCLASS: IN (Internet) β β
β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β Answer β
β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β NAME: www.example.com β β
β β TYPE: A β β
β β CLASS: IN β β
β β TTL: 300 (seconds) β β
β β RDLENGTH: 4 β β
β β RDATA: 93.184.216.34 β β
β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β Authority β
β (Authoritative server information) β
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β Additional β
β (Additional information - e.g., authoritative server IP) β
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
4. DNS Record Types¶
4.1 Common DNS Records¶
| Record | Meaning | Description |
|---|---|---|
| A | Address | IPv4 address mapping |
| AAAA | IPv6 Address | IPv6 address mapping |
| CNAME | Canonical Name | Domain alias |
| MX | Mail Exchanger | Mail server specification |
| NS | Name Server | Name server specification |
| TXT | Text | Text information (SPF, DKIM, etc.) |
| PTR | Pointer | Reverse lookup (IP β domain) |
| SOA | Start of Authority | Zone authority information |
| SRV | Service | Service location information |
| CAA | Certification Authority | Certificate issuance authority |
4.2 A Record¶
Maps a domain name to an IPv4 address.
A Record Examples
example.com. IN A 93.184.216.34
www.example.com. IN A 93.184.216.34
api.example.com. IN A 93.184.216.35
Load Balancing (Round Robin):
www.example.com. IN A 93.184.216.34
www.example.com. IN A 93.184.216.35
www.example.com. IN A 93.184.216.36
Query Result:
$ dig www.example.com A
;; ANSWER SECTION:
www.example.com. 300 IN A 93.184.216.34
4.3 AAAA Record¶
Maps a domain name to an IPv6 address.
AAAA Record Examples
example.com. IN AAAA 2606:2800:220:1:248:1893:25c8:1946
www.example.com. IN AAAA 2606:2800:220:1:248:1893:25c8:1946
Query Result:
$ dig www.example.com AAAA
;; ANSWER SECTION:
www.example.com. 300 IN AAAA 2606:2800:220:1:248:1893:25c8:1946
4.4 CNAME Record¶
Maps one domain to another domain (alias).
CNAME Record Examples
www.example.com. IN CNAME example.com.
blog.example.com. IN CNAME blogger.l.google.com.
shop.example.com. IN CNAME shops.myshopify.com.
CNAME Chaining:
alias.example.com. IN CNAME www.example.com.
www.example.com. IN CNAME example.com.
example.com. IN A 93.184.216.34
Query Process:
alias.example.com
β www.example.com (CNAME)
β example.com (CNAME)
β 93.184.216.34 (A)
Notes:
- Cannot use CNAME on root domain (example.com)
- Cannot be used with MX, NS records
- Use ALIAS/ANAME record instead (some DNS providers)
4.5 MX Record¶
Specifies mail servers for the domain.
MX Record Examples
example.com. IN MX 10 mail1.example.com.
example.com. IN MX 20 mail2.example.com.
example.com. IN MX 30 mail3.backup.com.
Priority:
- Lower number = higher priority
- Try in order: 10 β 20 β 30
Google Workspace Example:
example.com. IN MX 1 aspmx.l.google.com.
example.com. IN MX 5 alt1.aspmx.l.google.com.
example.com. IN MX 5 alt2.aspmx.l.google.com.
example.com. IN MX 10 alt3.aspmx.l.google.com.
example.com. IN MX 10 alt4.aspmx.l.google.com.
Query:
$ dig example.com MX
;; ANSWER SECTION:
example.com. 300 IN MX 10 mail1.example.com.
example.com. 300 IN MX 20 mail2.example.com.
4.6 NS Record¶
Specifies name servers managing the domain.
NS Record Examples
example.com. IN NS ns1.example.com.
example.com. IN NS ns2.example.com.
Delegation:
sub.example.com. IN NS ns1.subdomain.com.
sub.example.com. IN NS ns2.subdomain.com.
Glue Records (when name server is in the same domain):
example.com. IN NS ns1.example.com.
ns1.example.com. IN A 192.0.2.1
ns2.example.com. IN A 192.0.2.2
4.7 TXT Record¶
Stores text information. Primarily used for authentication and verification.
TXT Record Uses
1. SPF (Sender Policy Framework) - Email sender authentication
example.com. IN TXT "v=spf1 include:_spf.google.com ~all"
2. DKIM (DomainKeys Identified Mail) - Email signature
google._domainkey.example.com. IN TXT "v=DKIM1; k=rsa; p=MIGf..."
3. DMARC (Domain-based Message Authentication)
_dmarc.example.com. IN TXT "v=DMARC1; p=reject; rua=mailto:dmarc@example.com"
4. Domain ownership verification (Google, MS, etc.)
example.com. IN TXT "google-site-verification=..."
example.com. IN TXT "MS=ms12345678"
5. Other service settings
example.com. IN TXT "facebook-domain-verification=..."
4.8 PTR Record¶
Maps IP addresses to domain names (reverse lookup).
PTR Record Examples
Reverse lookup zone:
IP: 93.184.216.34
Reverse domain: 34.216.184.93.in-addr.arpa
PTR Record:
34.216.184.93.in-addr.arpa. IN PTR www.example.com.
IPv6 Reverse:
IP: 2001:db8::1
Reverse domain: 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.b.d.0.1.0.0.2.ip6.arpa
Uses:
- Mail server verification (spam filters)
- Display IP as domain in logs
- Security checks
Query:
$ dig -x 93.184.216.34
;; ANSWER SECTION:
34.216.184.93.in-addr.arpa. 3600 IN PTR www.example.com.
4.9 SOA Record¶
Defines authority information for a DNS zone.
SOA Record Example
example.com. IN SOA ns1.example.com. admin.example.com. (
2024010101 ; Serial Number (YYYYMMDDNN)
3600 ; Refresh (1 hour)
600 ; Retry (10 minutes)
604800 ; Expire (1 week)
86400 ; Minimum TTL (1 day)
)
Field Descriptions:
- Primary NS: ns1.example.com (primary name server)
- Admin Email: admin@example.com (written as admin.example.com)
- Serial: Increment on each change (for secondary server sync)
- Refresh: How often secondary checks primary
- Retry: Retry interval if Refresh fails
- Expire: How long data is valid if primary is unreachable
- Minimum TTL: Cache time for negative responses (NXDOMAIN)
5. DNS Caching¶
5.1 Caching Layers¶
DNS Caching Layers
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β β
β Level 1: Browser Cache β
β ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β β’ Browser's own DNS cache β β
β β β’ Chrome: chrome://net-internals/#dns β β
β β β’ Short TTL (usually minutes) β β
β ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β β
β βΌ β
β Level 2: Operating System Cache β
β ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β β’ OS DNS resolver cache β β
β β β’ Windows: ipconfig /displaydns β β
β β β’ macOS: dscacheutil -cachedump -entries β β
β β β’ Linux: systemd-resolved, etc. β β
β ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β β
β βΌ β
β Level 3: Recursive Resolver Cache β
β ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β β’ ISP or public DNS server cache β β
β β β’ Shared by many users β β
β β β’ TTL-based cache validity period β β
β ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β β
β βΌ β
β Level 4: Authoritative Server β
β ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β β’ Actual query on cache miss β β
β β β’ Provides authoritative response β β
β ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
5.2 TTL (Time To Live)¶
Role of TTL
TTL = Time a DNS record can be cached (in seconds)
example.com. 300 IN A 93.184.216.34
β
TTL (300 seconds = 5 minutes)
TTL Strategy:
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β Situation β Recommended β Reason β
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β Normal operation β 3600-86400 β Maximize cache β
β (1 hour - 1 day) β β efficiency β
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β Migration planned β 300-600 β Fast propagation β
β (5 min - 10 min) β β β
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β Failover/HA β 60-300 β Quick failure β
β (1 min - 5 min) β β response β
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β Just before change β 60 β Fast old cache β
β (1 minute) β β expiration β
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
TTL Trade-offs:
Low TTL:
+ Fast propagation of changes
- Increased DNS queries, server load
High TTL:
+ Cache efficiency, fast response
- Slow change propagation
5.3 Cache Flushing¶
# Windows
ipconfig /flushdns
# macOS
sudo dscacheutil -flushcache
sudo killall -HUP mDNSResponder
# Linux (systemd-resolved)
sudo systemd-resolve --flush-caches
# Chrome browser
chrome://net-internals/#dns β Clear host cache
# Firefox
about:networking#dns β Clear DNS Cache
6. DNS Tools¶
6.1 nslookup¶
# Basic lookup
nslookup google.com
# Specific record lookup
nslookup -type=MX google.com
nslookup -type=A google.com
nslookup -type=AAAA google.com
# Use specific DNS server
nslookup google.com 8.8.8.8
# Interactive mode
nslookup
> set type=MX
> google.com
> exit
Output Example:
Server: 8.8.8.8
Address: 8.8.8.8#53
Non-authoritative answer:
Name: google.com
Address: 142.250.196.78
6.2 dig¶
# Basic lookup
dig google.com
# Specific record lookup
dig google.com A
dig google.com AAAA
dig google.com MX
dig google.com NS
dig google.com TXT
# Short output
dig +short google.com
# Detailed output (trace)
dig +trace google.com
# Use specific DNS server
dig @8.8.8.8 google.com
# Reverse lookup
dig -x 142.250.196.78
# Show TTL
dig +ttlid google.com
# Query all records
dig google.com ANY
Output Example:
;; ANSWER SECTION:
google.com. 137 IN A 142.250.196.78
;; Query time: 15 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
6.3 host¶
# Basic lookup
host google.com
# Specify record type
host -t MX google.com
host -t NS google.com
host -t TXT google.com
# Verbose output
host -v google.com
# Reverse lookup
host 142.250.196.78
Output Example:
google.com has address 142.250.196.78
google.com has IPv6 address 2404:6800:4004:821::200e
google.com mail is handled by 10 smtp.google.com.
6.4 Interpreting dig Output¶
$ dig www.example.com
; <<>> DiG 9.18.1 <<>> www.example.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12345
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;www.example.com. IN A
;; ANSWER SECTION:
www.example.com. 86400 IN A 93.184.216.34
;; Query time: 25 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Mon Jan 15 10:30:45 KST 2024
;; MSG SIZE rcvd: 59
Interpretation:
- status: NOERROR β Success
- flags: qr(response), rd(recursion desired), ra(recursion available)
- QUESTION: Query content
- ANSWER: Response (A record, TTL 86400 sec, IP 93.184.216.34)
- Query time: Response time (25ms)
- SERVER: Responding DNS server
6.5 Public DNS Servers¶
| Provider | IPv4 | IPv6 | Features |
|---|---|---|---|
| 8.8.8.8, 8.8.4.4 | 2001:4860:4860::8888 | Global, fast | |
| Cloudflare | 1.1.1.1, 1.0.0.1 | 2606:4700:4700::1111 | Privacy-focused |
| Quad9 | 9.9.9.9, 149.112.112.112 | 2620:fe::fe | Security-focused |
| OpenDNS | 208.67.222.222 | 2620:119:35::35 | Filtering options |
7. Practice Problems¶
Problem 1: Domain Structure Analysis¶
Identify each part of the following domains.
a) www.shop.amazon.co.uk
b) mail.google.com
c) api.v2.example.org
Problem 2: DNS Record Matching¶
Select the appropriate DNS record type for each situation.
a) Specify web server's IPv4 address b) Specify mail server c) Redirect www to base domain d) Domain ownership authentication e) Specify name server f) Specify IPv6 address
Problem 3: dig Output Analysis¶
Analyze the following dig output.
;; ANSWER SECTION:
example.com. 600 IN MX 10 mail1.example.com.
example.com. 600 IN MX 20 mail2.example.com.
example.com. 600 IN MX 30 backup.mail.com.
a) What is the TTL? b) Which mail server is used first? c) What happens if all mail servers are down?
Problem 4: DNS Query Practice¶
Execute the following commands and analyze the results.
dig google.com A
dig google.com MX
dig +trace google.com
Answers¶
Problem 1 Answers¶
a) www.shop.amazon.co.uk
uk : TLD (ccTLD - United Kingdom)
co : Second-level domain (for companies)
amazon: Registered domain
shop : Subdomain
www : Subdomain (hostname)
b) mail.google.com
com : TLD (gTLD)
google: SLD (registered domain)
mail : Subdomain
c) api.v2.example.org
org : TLD (gTLD)
example: SLD
v2 : Subdomain
api : Subdomain
Problem 2 Answers¶
- a) IPv4 address β A Record
- b) Mail server β MX Record
- c) Redirect β CNAME Record
- d) Ownership authentication β TXT Record
- e) Name server β NS Record
- f) IPv6 address β AAAA Record
Problem 3 Answers¶
a) TTL = 600 seconds (10 minutes) b) Primary mail server: mail1.example.com (priority 10) c) Attempt backup.mail.com, then fail β Mail delivery fails (bounce)
Problem 4 Answers¶
Results vary by environment, but check: - A record: Google's IP addresses (may be multiple) - MX record: Google's mail servers (aspmx.l.google.com, etc.) - +trace: Query sequence from root β .com TLD β google.com authoritative server
8. Next Steps¶
After understanding DNS, learn about HTTP and HTTPS.
Next Lesson¶
- 13_HTTP_and_HTTPS.md - HTTP Protocol, TLS/SSL
Related Lessons¶
- 11_UDP_and_Ports.md - UDP used by DNS
- 15_Network_Security_Basics.md - DNS Security
Recommended Practice¶
- Trace DNS query process with
dig +trace - Check your own DNS server settings
- Query DNS records for various domains
9. References¶
RFC Documents¶
- RFC 1034 - Domain Names: Concepts and Facilities
- RFC 1035 - Domain Names: Implementation and Specification
- RFC 8484 - DNS Queries over HTTPS (DoH)
- RFC 7858 - DNS over TLS (DoT)
Online Tools¶
- DNS Checker - Check DNS propagation worldwide
- MX Toolbox - DNS/mail diagnostics
- whatsmydns.net - DNS lookup
- IntoDNS - DNS configuration check
Learning Resources¶
Document Information - Last Modified: 2024 - Difficulty: ββ - Estimated Learning Time: 2 hours